App Policy

MetaKeep supports setting up an app policy to restrict the management and usage of certain app features. This allows you to set up a quorum of members who need to approve certain actions. The quorum members can be external keys, and they also need to sign the request to approve the action.

Here are a few examples of how the policy can be used:

  • You can create a new API key for an app and require an external hardware wallet to add a new API key or delete an existing API key.
  • You can require a quorum of members to approve the app update or policy update.
  • You can freeze the app and require a quorum of members to unfreeze the app.

🚧

Note that you can accidentally lock yourself out of the app if you set up the policy incorrectly.

Please get in touch with us before setting up the policy to ensure that the policy is set up correctly. Make sure any external quorum members are recoverable in case they are lost.

Policy quorum

There are 2 types of quorum members supported:

  • ACCOUNT_ADMIN: The account admin is the owner of the MetaKeep console account or any other account (shared account) that has admin access to your account.
  • SOL_ADDRESS: An external Solana address that needs to approve the action. The public key of the Solana address needs to be provided.

The quorum has the following restrictions:

  • ACCOUNT_ADMIN is always part of the quorum.
  • The max quorum size currently supported is 2.
  • The quorum is n-of-n. This means that all quorum members need to approve the action.

Policy types

The app policy currently has the apiKeysOwnership policy type. This policy type restricts the management and usage of the API keys and other related features.

If set, the following fields require the quorum in apiKeysOwnership.quorum to be satisfied:

  • policy.apiKeysOwnership: Any changes to the apiKeysOwnership policy.
  • apiKeys.*: Any changes (add/delete/update) to the API keys.
  • apiSignatureRequired: Any changes to the apiSignatureRequired field.
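
The quorum restrictions and the protected fields listed above can be checked locally before a policy is submitted, which helps catch a configuration that would lock you out. The following is an added example, not MetaKeep code: the dict shapes, the dotted field paths, the function names and the sample key are assumptions of this example, and signature verification is assumed to happen elsewhere.

```python
from fnmatch import fnmatchcase

MAX_QUORUM_SIZE = 2  # "max quorum size currently supported is 2"
# Fields the page lists as guarded by apiKeysOwnership.quorum; the dotted
# path notation and the sub-path pattern are assumptions of this example.
PROTECTED = ("policy.apiKeysOwnership", "policy.apiKeysOwnership.*",
             "apiKeys.*", "apiSignatureRequired")
B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def b58decode(text):
    """Decode base58 text to bytes; raises ValueError on a foreign character."""
    n = 0
    for ch in text:
        n = n * 58 + B58.index(ch)
    pad = len(text) - len(text.lstrip("1"))  # each leading '1' is a zero byte
    return b"\x00" * pad + n.to_bytes((n.bit_length() + 7) // 8, "big")

def member_id(member):
    """Identify a member by its public key (SOL_ADDRESS) or by its type."""
    return member.get("publicKey") if member.get("type") == "SOL_ADDRESS" else member.get("type")

def validate_quorum(members):
    """Return a list of problems; an empty list means the restrictions hold."""
    problems = []
    if not any(m.get("type") == "ACCOUNT_ADMIN" for m in members):
        problems.append("ACCOUNT_ADMIN must be part of the quorum")
    if len(members) > MAX_QUORUM_SIZE:
        problems.append("quorum larger than %d" % MAX_QUORUM_SIZE)
    for m in members:
        if m.get("type") == "SOL_ADDRESS":
            try:  # a Solana address is a base58-encoded 32-byte public key
                ok = len(b58decode(m.get("publicKey", ""))) == 32
            except ValueError:
                ok = False
            if not ok:
                problems.append("SOL_ADDRESS public key is not 32 bytes of base58")
        elif m.get("type") != "ACCOUNT_ADMIN":
            problems.append("unsupported member type: %r" % m.get("type"))
    return problems

def change_allowed(changed_paths, members, verified_approvers):
    """n-of-n: a change to a protected field needs every member's approval.
    verified_approvers holds ids whose signatures were already checked elsewhere."""
    protected = any(fnmatchcase(p, pat) for p in changed_paths for pat in PROTECTED)
    return not protected or {member_id(m) for m in members} <= set(verified_approvers)

# Constructed sample: 32 '1' characters decode to 32 zero bytes (placeholder key).
SAMPLE_QUORUM = [{"type": "ACCOUNT_ADMIN"},
                 {"type": "SOL_ADDRESS", "publicKey": "1" * 32}]
```
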